Passed CEH Today 1/2/15

mcttrainer

Just wanted to share my CEH testing experience. I passed with an 80% on a passing scale of 70% - 100%. There were 125 questions in a 4 hour window. To my surprise, I was done just an hour and a half into the exam. Also, to my surprise, I found the exam easier than expected. For obvious reasons, I can't get into too much detail but I can say that I saw questions regarding NMAP switches, IDS, Snort logs, XSS, firewall states, ALE/SLE/ARO, incident management, risk management, compliance laws, heartbleed, poodle, shellshock, wireshark filters, tcpdump, wireless hacking tools, lots of random tools, pen testing types, etc. I used the AIO CEHv8 Matt Walker book, and I have the official courseware which I flipped through some of the slides very quickly. For those that are already CEH certified, this exam is fairly straight forward. It doesn't feel that different from previous ones. This is just my experience. Obviously each exam will be different thus shape our perspectives accordingly. One thing I want to be clear on is there is no longer a CEHv8 exam. It is now version agnostic. The exam title is simply CEH 312-50. That is all you will see if you schedule it. In English, it's the CEHv9 exam minus the title. Study accordingly. Any questions or thoughts, feel free!-MCTTrainer

mcttrainer

I meant to say 1/2/16 in the title there. Sorry for confusion!

DAVIS NGUYEN

Congrats!

wayne_wonder

Am I the only one who's sceptical of these passed threads when the person has just joined the forum in the last few days ?

Not being rude if it's all above board and congrats if so

danny069

Congrats! I have the new CEHv9 pdfs 1 through 18, do you think that would be enough to pass?

mcttrainer

Wayne_wonder,

You're probably not the only one but I'll explain. I was worried about this test due to the lack of materials out there. As a result, I wanted to get some recent information from a "CEH Forum". My search led me here. I can read anonymously but obviously can't post anonymously, therefore I created an account so I can try to pay it forward with a little bit of information.

mcttrainer

In itself, I would have to say no. However, your background seems strong in security therefore it just might be a yes. Do you have the slides or the courseware?

Having seen various CEH materials over the years, I can say that the official courseware/slides cover the exam the best. Sometimes a bit overkill, but better too much than too little.

However, something changed with this version of the test. The previous CEH exam I took was heavy into exhibits and pictures, this one had zero. I found prevIt was very cut and dry. It is almost as if EC-Council dumbed it down due to the instantaneous switch-over between v8 and v9?

slyweex

wayne_wonder wrote: »

Am I the only one who's sceptical of these passed threads when the person has just joined the forum in the last few days ?

Not being rude if it's all above board and congrats if so

I would second mcttrainer. No point in registering unless you have something to say.
Most people who pass the exam - they don't even play in these CEH8 vs CEH9 games as it doesn't really matters for the ones, who work in InfoSec industry. Seriously.

KMurrie

First of all congratulations on passing and thank you for posting your experience. I been watching this thread for awhile now for updates on this whole v8 v9 fiasco. I was trying to see if people were able to pass it after that mess. I agree with your point of the exam being version agnostic. I take the exam February 12 2016. It is a requirement that I have this certification (DoD). This whole v8 v9 fiasco has made getting this certification more stressful than it should be. Anyway, right now I am studying all the objectives that are on the CEHv8 Exam Blueprint v2.0 in excruciating detail using a variety of different sources. I would like to know if this is an accurate way to study and pass the exam. Common sense says yes; In order to pass the exam you need to answer the question that are on the exam objectives. However, after all this v8 v9 mess I don't know what to think. I felt compelled to respond to this thread after reading slyweex comment. There really is no point of registering unless you have something to say. After passing my Security+ exam, I did something similar that mcttrainer did and posted a thread on the Security+ forum after I passed. Just wanted to pay it forward and help others pass their exam by offering my experience about the exam. Kevin

Sch1sm

danny069 wrote: »

Congrats! I have the new CEHv9 pdfs 1 through 18, do you think that would be enough to pass?

If you mean the official EC-Council courseware I don't think that will be enough to prepare you for the exam alone (afterall, the exam is not based on any courseware...) however, you already have a few certifications and as far as I'm aware you have been studying for the CEH for a while now - based on that I think you'll be fine. If you feel ready to sit the exam I think you should pass. All the best.

mcttrainer

The latest CEH exam has changed since the last one I took. Previous CEH exams were heavy on exhibits and had more questions. This exam had zero exhibits, 125 instead of 150 questions, yet still a 4 hour window. I didn't even need 2 of those hours. The exam actually felt more like a Security+ test in terms of the formatting. Very straight forward format.

There were various spelling and grammatical errors as always with CEH exams but nothing I couldn't navigate around.

I have little evidence but I suspect that EC-Council may recognize that with V8 retiring without warning, zero V9 books/practice tests available over-the-counter, maybe they threw us a bone by simplifying the exam some? Most of the questions I received were similar to questions I've received on previous CEH exams. The new stuff represented a small percentage of questions. That said, I don't believe you NEED v9 materials to pass the test.

Then again, that just might be my experience with the exam.

The point is you guys can do this!

Good luck!

- MCTTrainer

Sch1sm

mcttrainer wrote: »

The latest CEH exam has changed since the last one I took. Previous CEH exams were heavy on exhibits and had more questions. This exam had zero exhibits, 125 instead of 150 questions, yet still a 4 hour window. I didn't even need 2 of those hours. The exam actually felt more like a Security+ test in terms of the formatting. Very straight forward format.

There were various spelling and grammatical errors as always with CEH exams but nothing I couldn't navigate around.

I have little evidence but I suspect that EC-Council may recognize that with V8 retiring without warning, zero V9 books/practice tests available over-the-counter, maybe they threw us a bone by simplifying the exam some? Most of the questions I received were similar to questions I've received on previous CEH exams. The new stuff represented a small percentage of questions. That said, I don't believe you NEED v9 materials to pass the test.

Then again, that just might be my experience with the exam.

The point is you guys can do this!

Good luck!

- MCTTrainer

I'm too exhausted and I'm too tired to go through the song and dance around this but I disagree with the majority of this post. However, congratulations on passing. What's next?

mcttrainer

Sch1sm,

I'm curious as to what you disagree with?

Sch1sm

I have no idea where you got 150 questions from, for a very long time it has always been 125. I'm not sure what you mean by exhibits? Scan results? There are plenty of those. There is no way the ECC simplified the exam to bend to v8/v9 pressure. What previous CEH exams did you sit? I struggle to see why you would sit the exam again unless your cert has expired - in which case the questions would naturally be different from the exam you sat 3 years ago.

E Double U

Congrats on the pass mcttrainer!

What is your background? I'm curious of how much security experience you had going into the exam.

GreaterNinja

wayne_wonder wrote: »

Am I the only one who's sceptical of these passed threads when the person has just joined the forum in the last few days ?

Not being rude if it's all above board and congrats if so

No you certainly are not. I find these newly joined member "I passed CEH and it was easy" posts quite suspicious. I suppose only the Forum administrators can lookup their IPs and see if there is any correlation.

Either way congrats on your pass.

mcttrainer

I didn't want my involvement on this forum to become about me for even a secondbut two people have already questioned my credibility and I imagine more will as well since that is what happens on forums.

I'm here to offer what help I can to the community, anonymously as well so that it is made clear that I am not up-selling myself nor my employer's training products.

The last exam I took was version 7 and it had 150 questions. I didn't bother getting V8 certified since I fell off the CEH wagon for a while but my employer put me back on it. V8 and V9 are 125 questions as many of you know. The version 7 exam had a lot of questions with graphics/exhibits. This test did not have graphics.

I'm not saying they, in fact, made the exam easier. I merely suggested it as a possibility because I found this test MUCH easier than the version 7 test I took. My certification was about to expire therefore I updated it. I also never said the current questions were the same as for the previous exams either. I merely said they were similar. A lot of them were!

I've only joined this forum recently because I only discovered it recently. A few days ago I was studying for CEH and thought I could use some tips from the Internet community. Therefore I typed "CEH Forum" on Google and Techexams were my first two results. The forum gave me some targeted studying ideas which helped me pass the test. Now that I passed, I'm paying it forward.

I don't work for EC-Council. As my alias "MCTTrainer" alludes to, I'm a technical instructor and, more often, for Microsoft products. I've been teaching IT certification classes for the past 10 years for a commercial training organization. CEH was something I taught a bit a few years ago and its back on my rotation now therefore I've been spending a lot of time ramping up on it. Otherwise I teach Microsoft and CompTIA courses far more often. I teach MCSE/MCSA courses involving W2K12R2, Windows 10, W2K8R2, A+, Net+, Sec+, Cloud+, Cloud Essentials, Healthcare IT Tech, Social Media Security Professional, Office 365, SharePoint, and others. I'm an adviser to CompTIA's Global Instructor Network, and I'll be on the Network+ committee for the 2017/2018 release. I have 25+ certifications and nearly 20 years experience. I've taught security courses to every branch of the military and government. I'm not an insider but like a lot of you, I have a background. This background has helped me for the exam. If I was an EC-Council insider, a lot of what I'm saying here wouldn't be said.

I've met with EC-Council at various conferences throughout the USA and they always seemed like nice people. However, they have driven me and my fellow CEH instructors crazy over the past few years largely due to the language barrier and their poor responses/delays in e-mail exchanges. They have gotten much better with me recently, but it took a while to get to that point. Now they are driving my students crazy as well with the recent V8 disappearing trick. I personally disapprove of how this whole V8/V9 thing went down because a new IT certification should NEVER kill the previous one immediately. There should be a grace period. That said, I believe EC-Council did this more out of compliance obligations than anything else.

I'm just trying to help. It is what I do for a living. Please stop attacking me and let's talk CEH!

-MCTTrainer

slyweex

Guys, really there is not need in 'witch-hunting' there are naturally two kinds of people. Ones who wanted just to get another certification to enter into the security field (or for their self-amusement and filling up the list of different acronyms in their profile) without any prior knowledge. And the ones who are already working as security professionals.
It is not unusual practice for people to try to get a cert by memorizing all the answers from the exam **** with a little knowledge on their hands. And if it fails - I can understand their grief. You can wander around linkedin and find a horde of 'certified' professionals from India (for example) who barely see a difference between xss and csrf. But that's their choice. And I feel like these are the same people who constantly fail the exam.
On the other hand - there are lots of people who just work in infosec and most of the knowledge just comes naturally because you use it in your everyday routine - risk management, web application and networking stuff.
As for me - I have 4+ years of experience in application security bound to me company's SDLC. So some risk and incident management questions, as well as questions regarding US laws were unknown for me. In such situations filtering out the answers and throwing out obviously wrong ones - helped.

And yes, if you are curious about going via the first route of memorizing - if you pass v8 exam **** and all skillset questions re CEH - I believe you would be fine.

danny069

Sch1sm wrote: »

If you mean the official EC-Council courseware I don't think that will be enough to prepare you for the exam alone (afterall, the exam is not based on any courseware...) however, you already have a few certifications and as far as I'm aware you have been studying for the CEH for a while now - based on that I think you'll be fine. If you feel ready to sit the exam I think you should pass. All the best.

Yeah I've been studying for a whole year now lol, I do have the new courseware, a lot of materials overlap, meaning, they are similar in the sense that you'll see a repeat of terminology and concepts. From what I see from my readings of books from Sec+, CEH, CISSP, CCNA, along with my coursework at my university, all coincide with each other, which is helpful the realm of IT Security.

danny069

mcttrainer wrote: »

I'm just trying to help. It is what I do for a living. Please stop attacking me and let's talk CEH!

-MCTTrainer

Thanks MCTTrainer for your review of this exam, it is helpful, and good for you for sticking up for yourself. Usually this is a peaceful environment

colemic

KMurrie wrote: »

It is a requirement that I have this certification (DoD).

CEH is only one of several different certs that will satisfy various 8570 IA roles. I would suggest looking into other certs for better value and ROI, such as as GCIA, GCIH, CSIH, GSNA, or SSCP (depending on what particular role you are in.)

webtech31

I'm going to drop a reply to second mcttrainer here:


- CEH v7 had 150 questions. You're free to check that on Google or whatever source you deem reliable enough. Maybe just drop a mail to EC-Council and ask them for a nice shiny certificate
- CEH v8 and CEH post Oct 15th (aka CEH v9) have 125 questions. Same time limit : 4 hours


- There is a significant amount of "newly joined members" on TE forums that are willing to share their recent experience on the CEH exam. Most of these people (like me) were just lurkers, browsing anonymously the forums to collect info, without feeling the need to say something.
Aside of the member of the Scheme Committee who tried to downplay the v9 impact on the "CBK", I can't see a point for EC-Council to send goons to spam this forum in an attempt to repair their faulty reputation. They are not smart enough for this, and it's just too late anyway.
So would you please stop your conspiracy theory now ?


- Many people here have exposed what materials and strategies they used to study for the actual exam. This is a good information for all the anonymous readers that want to prepare themselves. Ain't this a primary purpose of these forums ?
The content gap on the post-v8 exam has also been accurately described in various topics (latest vulns, questions format and whatnots).

- My opinion would be that the v7 exam was easy because it was just about regurgitating small chunks of the official course. This exam also had a lot of graphics contents that aided a lot in answering the questions.
However the actual exam is easy onlyif you already have experience in penetration testing.
If you don't, your mileage will definitely vary.

This is a significant shift in the target audience for the certification.
As I said in another topic, this may turn into a good thing for the security community. Or it may not. We'll make a follow-up on v10

Gess

People upset at CEH because they failed the exam are suspicious of people that passed the exam. Sounds like confirmation bias. Ignore the success stories while posting endlessly in complaint threads about how 'unfair' the exam is.

If MCTTrainer were a shill it seems like a long way to go to try and impress upon people that have already made up their minds that they've been wronged somehow.

Hope you stick around, MCTTrainer, knowledgeable folks that are willing to take the time to contribute are what make this forum really great some days.

mcttrainer

Thanks Gess, webtech31, danny069 and slyweex. I appreciate it! I'll be here and on other boards, particularly on the CompTIAs since many of those people are relatively new to the field.

Any new CEH passers here?? Let us know your experience.

-MCTTrainer

slyweex

I'll add up to MCTTrainer that I also refreshing CEH threads on daily basis, so if there are any questions - I would also be glad to help both as the person who passed the exam and the person who possesses enough knowledge to rectify any unclean moments regarding technical side of CEH questions.

p.s. no, i'm not affilated with ECCouncil

GreaterNinja

mcttrainer,

Although somewhat coincidental, I do believe your story to be valid and semi-genuine. So my apologies on how I communicated my previous statement as I believe the context was misinterpreted. We have had a increase of new accounts on TE posting stories about CEH. As someone who has studied both exam versions and passed the new one I've found many of the new account posts do not seem believable.

This isn't about a witch hunt, its about determining who is actually posting genuine statements and who is using shill/multi accounts to mislead the TE community with false information.

Vicp160

congrats

mcttrainer

GreaterNinja,

I'm confused. You said you believe my story to be valid and semi-genuine. That's a contradiction in terms.

Your next sentence follows the semi-genuine insult with an apology for a previous communication. That, in itself, is semi-genuine.

-MCTTrainer